<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<title>OpenSSH Manual Pages</title>
<link rev=made href="mailto:www@openbsd.org">
<meta name="resource-type" content="document">
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
<meta name="description" content="OpenSSH Manual Pages">
<meta name="keywords" content="OpenSSH,manual">
<meta name="distribution" content="global">
<meta name="copyright" content="This document copyright 1999-2005 by OpenBSD.">
</head>

<body bgcolor="#ffffff" text="#000000" link="#23238E">

<a href="index.html"><img alt="[OpenSSH]" height="30" width="141" src="images/smalltitle.gif" border="0"></a>
<p>
<h2><font color="#e00000">Manual pages</font></h2>
<hr>

Web manual pages are available from OpenBSD for the following commands.
These manual pages reflect the latest development release of OpenSSH.<p>

<ul>
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh&amp;sektion=1">ssh(1)</a> -
    The basic rlogin/rsh-like client program.<br>
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd&amp;sektion=8">sshd(8)</a> -
    The daemon that permits you to login.<br>
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh_config&amp;sektion=5">ssh_config(5)</a> -
    The client configuration file.<br>
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config&amp;sektion=5">sshd_config(5)</a> -
    The daemon configuration file.<br>
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-agent&amp;sektion=1">ssh-agent(1)</a> -
    An authentication agent that can store private keys.<br>
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-add&amp;sektion=1">ssh-add(1)</a> -
    Tool which adds keys to in the above agent.<br>
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp&amp;sektion=1">sftp(1)</a> -
    FTP-like program that works over SSH1 and SSH2 protocol.<br>
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=scp&amp;sektion=1">scp(1)</a> -
    File copy program that acts like rcp(1).<br>
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen&amp;sektion=1">ssh-keygen(1)</a> -
    Key generation tool.<br>
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp-server&amp;sektion=8">sftp-server(8)</a> -
    SFTP server subsystem (started automatically by sshd).<br>
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keyscan&amp;sektion=1">ssh-keyscan(1)</a> -
    Utility for gathering public host keys from a number of hosts.<br>
<li><a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keysign&amp;sektion=8">ssh-keysign(8)</a> -
    Helper program for hostbased authentication.<br>
</ul>
<p>
The SSH2 protocol implemented in OpenSSH is
standardized by the IETF
<a href="http://www.ietf.org/html.charters/secsh-charter.html">secsh</a>
working group and is specified in several RFCs and drafts.
The overall structure of SSH2 is described in the
<a href="http://www.ietf.org/rfc/rfc4251.txt">architecture</a>
RFC.
It is composed of three layered components:
<p>
<ul>
<li>
The 
<a href="http://www.ietf.org/rfc/rfc4253.txt">transport layer</a>
provides algorithm negotiation and a key exchange.
The key exchange includes server authentication and
results in a cryptographically secured connection:
it provides integrity, confidentiality and optional compression.
<li>
The 
<a href="http://www.ietf.org/rfc/rfc4252.txt">user authentication layer</a>
uses the established connection and relies on the services provided
by the transport layer.
It provides several mechanisms for user authentication.
These include traditional password authentication as well as public-key
or host-based authentication mechanisms.
<li> The 
<a href="http://www.ietf.org/rfc/rfc4254.txt">connection layer</a>
multiplexes many different concurrent channels over the authenticated connection
and allows tunneling of login sessions and TCP-forwarding.
It provides a flow control service for these channels.
Additionally, various channel-specific options can be negotiated.
</ul>
Additional documents specify:
<ul>
<li> The
<a href="http://www.ietf.org/rfc/rfc4256.txt">interactive
authentication</a>
RFC provides support for new authentication schemes like S/Key
or TIS authentication.
<li> The SFTP file transfer protocol is specified in the
<a href="txt/draft-ietf-secsh-filexfer-02.txt">filexfer</a> draft.
OpenSSH implements a SFTP
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp&amp;sektion=1">client</a> and
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=sftp-server&amp;sektion=8">server</a>.
<li> A file format for public keys is specified in the 
<a href="txt/draft-ietf-secsh-publickeyfile-02.txt">publickeyfile</a> draft.
The command
<a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen&amp;sektion=1">ssh-keygen(1)</a> can be used to convert an OpenSSH public key to this file format.
<li> The
<a href="http://www.ietf.org/rfc/rfc4419.txt">Diffie-Hellman Group Exchange</a> allows clients to request more secure groups for the Diffie-Hellman key exchange.
<li>OpenSSH implemented a compression method "zlib@openssh.com" that delays
    starting compression until after user authentication, to eliminate the
    risk of pre-authentication attacks against the compression code. It is
    described in
    <a href="txt/draft-miller-secsh-compression-delayed-00.txt">draft-miller-secsh-compression-delayed-00.txt</a>.
<li>OpenSSH implements an additional MAC (Message Authentication Code) 
    "umac-64@openssh.com", which has superior performance to the ones specified
    in RFC 4253. It is described in
    <a href="txt/draft-miller-secsh-umac-01.txt">draft-miller-secsh-umac-01.txt</a>.
<li>The authentication agent protocol used by
    <a href="http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-agent&amp;sektion=1">ssh-agent</a> is documented in the
    <a href="http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL.agent?rev=HEAD">PROTOCOL.agent</a> file.
<li>OpenSSH makes various other minor extensions to and divergences from the
    standard SSH protocols. These are documented in the
    <a href="http://www.openbsd.org/cgi-bin/cvsweb/src/usr.bin/ssh/PROTOCOL?rev=HEAD">PROTOCOL</a> file.
</ul>
<p>
There is also a mailing list
for general discussions about the SSH2 protocol
(<a href="mailto:ietf-ssh@netbsd.org">ietf-ssh@netbsd.org</a>).
<p>

<hr>
<a href="index.html"><img height=24 width=24 src="back.gif" border=0 alt=OpenSSH></a>
<a href="mailto:www@openbsd.org">www@openbsd.org</a>
<br>
<small>$OpenBSD: manual.html,v 1.31 2008/07/12 09:18:04 tobias Exp $</small>

</body>
</html>
